On Wednesday 20 June 2007 08:18:26 sriram purushothaman wrote:
> Scott,
>
> I am attaching my WEB.XML available under tomcat-5.5.16/cas/WEB-INF folder.
> I have given entries only loginURL, validateURL and ServerName. I have not
> given an entry for ServiceURL. Is that required?
>
> Please check my web.xml and tell me which URL should I use in my IE?
> I tried using http://localhost:8080/cas/login. I got CAS login page. But
> after giving my credentials i got an exception. My LDAP auth did not happen
>
> Thanks
>
> Scott Battaglia <[EMAIL PROTECTED]> wrote: This might help you:
> http://www.ja-sig.org/wiki/display/CASUM/LDAP
>
> (note that the first step about the dependency relates to CAS 3.1 and not
> CAS 3.0.x but the rest of the information should be okay).
>
> -Scott
>
> On 6/19/07, sriram purushothaman <[EMAIL PROTECTED]> wrote: Please check
> this bean entry in deployer..xml <bean id="contextSource"
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> <property name="authenticatedReadOnly" value="false" /> <property
> name="userName" value="" />
> <property name="password" value="" />
> <property name="urls">
> <list>
> <value>ldap://XX.XXX.X.XXX:389/</value>
> </list>
> </property>
>
> <property name="baseEnvironmentProperties">
> <map>
> <entry>
>
> <key><value>java.naming.security.authentication</value></key>
> <value>simple</value>
> </entry>
> </map>
> </property>
> </bean>
>
> What should i give for UserName and Password?
> Should i give the Distinguished Name and password that i normally use in
> httpd.conf(Apache web-server + weblogic) and what should i give for URLs
> list
>
> Please let me know
>
> Thanks
>
> Scott Battaglia <[EMAIL PROTECTED]> wrote: If you're using a
> non-Sun JVM, then you need to set the "responseControlFactory" property on
> the ContextSource. The default is an internal Sun implementation.
>
> -Scott
>
> On 6/19/07, sriram purushothaman <[EMAIL PROTECTED]> wrote: Hi
>
> I have done LDAP authentication using Apache Webserver 2.0.59 and Weblogic
> 8.1 and I am successful with it. Now i want to do it with CAS.
>
> I am new to CAS and i am trying out few stuff. I am using Tomcat 5.5.16,
> JDK 1.42
>
> 1. I have download cas-server-3.0.7 and cas-client-java-2.1.1
> 2. I have downloaded cas-server-ldap-3.0.7 JAR , spring-ldap1.1.2 JAR,
> ldapbp1.0 JAR and put these 3 JARs in localplugins/lib folder. 3. Did ant
> jar and ant war. Got the localplugins.jar and the WAR file 4. I changed my
> deployerConfigContext.xml. I have attached the same here.Please check and
> tell me whether it is correct. 5. Copied the WAR into my tomcat/webapps
> 6. When i start my tomcat, i am getting the attached error.
>
> I have downloaded this folder structure com.sun.jndi.ldap.<>, but not sure
> what to do with it.
>
> Regards,
> Sriram
>
>
> ---------------------------------
> Don't pick lemons.
> See all the new 2007 cars at Yahoo! Autos.
>
>
> 2007-06-19 14:55:45,250 ERROR
> [org.springframework.web.context.ContextLoader] - <Context initialization
> failed> org.springframework.beans.factory.BeanCreationException: Error
> creating bean with name 'centralAuthenticationService' defined in
> ServletContext resource [/WEB-INF/applicationContext.xml]: Cannot resolve
> reference to bean 'authenticationManager' while setting bean property
> 'authenticationManager'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'authenticationManager' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Cannot create inner bean '
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' of type
> [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while setting
> bean property 'authenticationHandlers' with key [1]; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' defined
> in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot
> resolv!
> e reference to bean 'contextSource' while setting bean property
> 'contextSource'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exception is java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'authenticationManager' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Cannot create inner bean '
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' of type
> [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while setting
> bean property 'authenticationHandlers' with key [1]; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' defined
> in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot
> resolve reference to bean 'contextSource' while setting bean property
> 'contextSource'; nested exception is
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exce!
> ption is java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name
> 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752 '
> defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]:
> Cannot resolve reference to bean 'contextSource' while setting bean
> property 'contextSource'; nested exception is
> org.springframework.beans.factory.BeanCreationException : Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exception is java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> org.springframework.beans.factory.BeanCreationException: Error creating
> bean with name 'contextSource' defined in ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
> exception is java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
> java.lang.NoClassDefFoundError:
> com.sun.jndi.ldap.ctl.ResponseControlFactory at
> org.springframework.ldap.support.LdapContextSource.class$
> (LdapContextSource.java:42) at
> org.springframework.ldap.support.LdapContextSource.<clinit>(LdapContextSour
>ce.java:42) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance
> (NativeConstructorAccessorImpl.java:39) at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstru
>ctorAccessorImpl.java:27) at
> java.lang.reflect.Constructor.newInstance(Constructor.java :274) at
> org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:84) at
> org.springframework.beans.BeanUtils.instantiateClass (BeanUtils.java:60) at
> org.springframework.beans.factory.support.SimpleInstantiationStrategy.insta
>ntiate (SimpleInstantiationStrategy.java:45) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.instantiateBean (AbstractAutowireCapableBeanFactory.java:739) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBeanInstance (AbstractAutowireCapableBeanFactory.java:727) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean (AbstractAutowireCapableBeanFactory.java:390) at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
> (AbstractBeanFactory.java:254) at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
>ingleton (DefaultSingletonBeanRegistry.java:144) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:251) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:163) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veReference(BeanDefinitionValueResolver.java :271) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veValueIfNecessary (BeanDefinitionValueResolver.java:128) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.applyPropertyValues (AbstractAutowireCapableBeanFactory.java:1047) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.populateBean (AbstractAutowireCapableBeanFactory.java:843) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean (AbstractAutowireCapableBeanFactory.java:427) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veInnerBean (BeanDefinitionValueResolver.java:221) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veValueIfNecessary (BeanDefinitionValueResolver.java:111) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veManagedList (BeanDefinitionValueResolver.java:291) at
> org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
>veValueIfNecessary (BeanDefinitionValueResolver.java:132) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.applyPropertyValues (AbstractAutowireCapableBeanFactory.java:1047) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.populateBean (AbstractAutowireCapableBeanFactory.java:843) at
> org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
>y.createBean (AbstractAutowireCapableBeanFactory.java:427) at
> org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
> (AbstractBeanFactory.java:254) at
> org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
>ingleton (DefaultSingletonBeanRegistry.java:144) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:251) at
> org.springframework.beans.factory.support.AbstractBeanFactory.getBean
> (AbstractBeanFactory.java:163)
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
>
>
>
> --
> -Scott Battaglia
>
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> _______________________________________________ Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>
>
> ---------------------------------
> We won't tell. Get more on shows you hate to love
> (and love to hate): Yahoo! TV's Guilty Pleasures list.
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
you mixed up a few things. The cas-filter is to be used with your client
application not with cas. This means that your web.xml for cas is wrong.
It should look like this ....
<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
<display-name>Central Authentication System (CAS) 3.0</display-name>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
/WEB-INF/applicationContext.xml,
/WEB-INF/deployerConfigContext.xml
</param-value>
</context-param>
<!-- DEBUT Ajout pour OPIAM -->
<filter>
<filter-name>additional cookie</filter-name>
<filter-class>com.atosorigin.opiam.auth.cas.CreateAdditionalCookie</filter-class>
</filter>
<filter-mapping>
<filter-name>additional cookie</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- FIN Ajout pour OPIAM -->
<!--
place this into the contextConfigLocation to enable
service restrictions.
/WEB-INF/approvedServices.xml, .....
In fact I didn't not even change anything in-there.
The first thing you have to do is try out https connection to CAS. For me it
was :
https://localhost:8443/cas/login but by default the port is 8444, so it would
be
https://localhost:8444/cas/login
Then if you've made the changes you need to in deployerConfigContext.xml, you
should be able to authenticate with a valid user&password.
See my configuration attached.
Hope it helps
--
Futschik Adrien
Atos Origin
Tour "Les Miroirs"
18, avenue d'Alsace
92296 Paris La Défense Cedex
FRANCE
Â
Phone: +33 (0) 1 55 91 24 82
[EMAIL PROTECTED]
www.si.fr.atosorigin.com<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
| deployerConfigContext.xml centralizes into one file some of the declarative configuration that
| all CAS deployers will need to modify.
|
| This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
| The beans declared in this file are instantiated at context initialization time by the Spring
| ContextLoaderListener declared in web.xml. It finds this file because this
| file is among those declared in the context parameter "contextConfigLocation".
|
| By far the most common change you will need to make in this file is to change the last bean
| declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with
| one implementing your approach for authenticating usernames and passwords.
+-->
<beans>
<!--
| This bean declares our AuthenticationManager. The CentralAuthenticationService service bean
| declared in applicationContext.xml picks up this AuthenticationManager by reference to its id,
| "authenticationManager". Most deployers will be able to use the default AuthenticationManager
| implementation and so do not need to change the class of this bean. We include the whole
| AuthenticationManager here in the userConfigContext.xml so that you can see the things you will
| need to change in context.
+-->
<bean id="authenticationManager"
class="org.jasig.cas.authentication.AuthenticationManagerImpl">
<!--
| This is the List of CredentialToPrincipalResolvers that identify what Principal is trying to authenticate.
| The AuthenticationManagerImpl considers them in order, finding a CredentialToPrincipalResolver which
| supports the presented credentials.
|
| AuthenticationManagerImpl uses these resolvers for two purposes. First, it uses them to identify the Principal
| attempting to authenticate to CAS /login . In the default configuration, it is the DefaultCredentialsToPrincipalResolver
| that fills this role. If you are using some other kind of credentials than UsernamePasswordCredentials, you will need to replace
| DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that supports the credentials you are
| using.
|
| Second, AuthenticationManagerImpl uses these resolvers to identify a service requesting a proxy granting ticket.
| In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
| You will need to change this list if you are identifying services by something more or other than their callback URL.
+-->
<property name="credentialsToPrincipalResolvers">
<list>
<!--
| UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials that we use for /login
| by default and produces SimplePrincipal instances conveying the username from the credentials.
|
| If you've changed your LoginFormAction to use credentials other than UsernamePasswordCredentials then you will also
| need to change this bean declaration (or add additional declarations) to declare a CredentialsToPrincipalResolver that supports the
| Credentials you are using.
+-->
<bean
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
<!--
| HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. It supports the CAS 2.0 approach of
| authenticating services by SSL callback, extracting the callback URL from the Credentials and representing it as a
| SimpleService identified by that callback URL.
|
| If you are representing services by something more or other than an HTTPS URL whereat they are able to
| receive a proxy callback, you will need to change this bean declaration (or add additional declarations).
+-->
<bean
class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
</list>
</property>
<!--
| Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate,
| AuthenticationHandlers actually authenticate credentials. Here we declare the AuthenticationHandlers that
| authenticate the Principals that the CredentialsToPrincipalResolvers identified. CAS will try these handlers in turn
| until it finds one that both supports the Credentials presented and succeeds in authenticating.
+-->
<property name="authenticationHandlers">
<list>
<!--
| This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
| a server side SSL certificate.
+-->
<bean
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" >
<property name="httpClient" ref="httpClient" />
</bean>
<!--
| This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS
| into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
| where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your
| local authentication strategy. You might accomplish this by coding a new such handler and declaring
| edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
+-->
<bean
class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
<property name="filter" value="uid=%u" />
<property name="searchBase" value="dc=mycompany,dc=com" />
<property name="contextSource" ref="contextSource" />
</bean>
</list>
</property>
</bean>
<bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
<!--
<property name="authenticatedReadOnly" value="true" />
-->
<property name="anonymousReadOnly" value="false"/>
<property name="password" value="secret" />
<property name="pooled" value="true" />
<property name="urls">
<list>
<value>ldap://localhost:4800/</value>
</list>
</property>
<property name="userName" value="cn=manager,dc=mycompany,dc=com" />
<property name="baseEnvironmentProperties">
<map>
<entry>
<key><value>java.naming.security.authentication</value></key>
<value>simple</value>
</entry>
</map>
</property>
</bean>
</beans>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas